I don't really care about a bug description. But I do feel that having a fix
and not releasing it is a little irresponsible. It doesn't seem to me like too
much to ask that the authors provide fixes to their software.

On Mon, Jun 24, 2002 at 06:40:15PM -0600, Theo de Raadt wrote:
> How many of you want me to send them the exact bug description right
> now?
> 
> And you won't tell anyone, right?  Just our own little secret.  We can
> be so 31337!
> 
> Geez.
> 
> > Sure, as long as I'm not vulnerable to this new bug (which it is
> > irresponsible of them not to give details of, but anyway) I don't really
> > care what version I have. I was just wondering, because I thought I saw 3.3
> > get committed the other day.
> > 
> > On Mon, Jun 24, 2002 at 08:31:13PM -0400, Perry E. Metzger wrote:
> > > 
> > > itojun@iijlab.net writes:
> > > > >Shouldn't we have 3.3 in basesrc/crypto/dist/ssh now? I know I saw commits
> > > > >yesterday (or perhaps the day before) saying it was updated to 3.3, but
> > > > >after a CVS update just now, I still get 3.2.1. I updated crypto/dist/ssh
> > > > >and usr.bin/ssh, and see no differences. Am I doing something wrong?
> > > > 
> > > > 	are you on 1.6 branch?  1.6 branch has 3.2.1 with privilege separation
> > > > 	on by default.
> > > 
> > > Is 3.2.1 with priv sep. sufficient?
> > > 
> > > --
> > > Perry E. Metzger		perry@wasabisystems.com
> > > --
> > > NetBSD: The right OS for your embedded design. http://www.wasabisystems.com/
> > 
> > -- 
> > /~\ The ASCII                         Sean Davis
> > \ / Ribbon Campaign                    aka dive
> >  X  Against HTML
> > / \ Email!                   http://endersgame.net/~dive/
> 

-- 
/~\ The ASCII                         Sean Davis
\ / Ribbon Campaign                    aka dive
 X  Against HTML
/ \ Email!                   http://endersgame.net/~dive/